package com.itqf.realm;

import com.itqf.entity.SysUser;
import com.itqf.service.SysUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import javax.annotation.Resource;
import java.util.List;

/**
 * @Description: MyJob  implements Job
 *  class MyUserRealm extends AuthorizingRealm
 *  认证和授权的方法
 * @Company: 千锋互联
 * @Author: 李丽婷
 * @Date: 2021/1/27
 * @Time: 上午11:45
 */
public class MyUserRealm extends AuthorizingRealm {

    //注入service
    @Resource
    private SysUserService sysUserService;

    /**
     * 每次调用该方法   需要查询权限和角色  浪费资源  性能差
     * 解决：整合缓存
     * 第一次访问后，存储到缓存中，之后直接从缓存中返回权限等信息，不需要再调用该方法
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
       //zation
        System.out.println("授权.........");

        //认证的时候  this.principals = new SimplePrincipalCollection(principal, realmName);
        //得到认证时候存储的用户信息
        SysUser sysUser = (SysUser) principals.getPrimaryPrincipal();
        int id = sysUser.getId();

        //Collection<String> permissions
        //查询这个用户具有的权限 根据id查询-->sys_user_role--->sys_role  -->sys_role_menu--> sys_menu(perms(权限))

        //用户具有的权限
        List perms = sysUserService.findPerms(id);
        //用户具有的角色
        List roles = sysUserService.findRoles(id);


        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addStringPermissions(perms);//权限
        authorizationInfo.addRoles(roles);//角色


        return authorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //cation  认证
        System.out.println("认证(登录比较用户名和密码)...........");
        //取出用户名和密码 public Object getPrincipal() {
        //        return getUsername();
        //    }
        String username = (String)token.getPrincipal();
        //public char[] getPassword() {
        //        return password;
        //    }
        //注意密码  shiro处理成了  char[]
        String password =new String((char[])token.getCredentials());

        SysUser user = sysUserService.findByUsername(username);

        if (user==null){//根据用户名没查出数据
            //没有这个用户名
            throw  new UnknownAccountException("账号不存在");
        }

        if (!password.equals(user.getPassword())){
            throw new IncorrectCredentialsException("密码不对");
        }
        //status  1正常 0锁定
        if (user.getStatus()!=1){
            throw  new LockedAccountException("账号被锁定，请联系管理员");
        }

        //Object principal, Object credentials, String realmName
        /**
         * 参数一：把用户信息存储到shiro内部
         * 参数二：密码
         * 参数三：自定义realm名称
         */
        AuthenticationInfo info = new SimpleAuthenticationInfo
                (user,password,this.getName());

        return info;
    }
}
